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DETAILED ACTION 

Response to Amendment 

1. Applicant's amendment filed 18 June 2008 amends claims 1, 2, and 21. Applicant's 
amendment has been fully considered and entered. 

Response to Arguments 

2. Applicant argues that the current § 101 rejections have been overcome in light of the 
current amendments made to the specification removing the reference to carrier signals. This 
argument is persuasive as the claimed mediums can only be embodied on storage mediums. 
Therefore, the previous §101 rejections have been withdrawn. 

3. Applicant argues, "the cited portion of IPMI does not teach, for example, passing the 
authentication credentials to the booted operating system." Applicant's argument has been fully 
considered and is persuasive. Therefore, the rejection has been withdrawn. However, upon 
further consideration, a new ground(s) of rejection is made in view of Roese, U.S. Publication 
2004/0158735, in view of Buer, U.S. Publication No. 2004/0250126. 

4. Applicant argues, "Buer. . .does not. . .pass to the [sic] authentication credentials to the 
booted operating system of a supplicant system." This argument is not persuasive because Buer 
discloses that authentication is performed using the TLS protocol, which meets the claim 
limitation because TLS uses data elements to perform authentication that can be considered 
"credentials". 

5. Applicant's arguments against the § 103 rejections are not persuasive because the factual 
inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are 
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applied for establishing a background for determining obviousness under 35 U.S.C. 103(a) have 
been fully set forth. 

Claim Rejections - 35 USC § 112 

6. The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 

7. Claims 1-14, 21-24 are rejected under 35 U.S.C. 1 12, first paragraph, as failing to comply 
with the written description requirement. The claim(s) contains subject matter which was not 
described in the specification in such a way as to reasonably convey to one skilled in the relevant 
art that the inventor(s), at the time the application was filed, had possession of the claimed 
invention. The specification does not support network port authentication during the pre-boot 
phase as currently claimed. Applicant points to Figure 5 and the accompanying description for 
support. This section of the specification discloses that authentication credentials are 
retrieved/generated during the pre-boot phase, but the actual network port authentication does 
not occur until the operating system has actually booted and is running. Step 504 in Figure 5 
shows performing port authentication via operating system using authentication credentials 
during OS-runtime. Figure 5 clearly shows that the actual port authentication occurs after the OS 
has booted and run. 

8. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 
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9. Claims 1-14, 21-24 are rejected under 35 U.S.C. 1 12, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

10. The claims require performing network port authentication during the pre-boot phase 
using authentication credential that have yet to be received, which renders the claims indefinite 
because it is unclear how the authentication is performed using data that is not available for use. 
Subsequent claim limitations require booting, receiving credentials, and then performing 
authentication using received credentials. Therefore, for the purposes of examination the claims 
will be treated as having all operations occur after booting has occurred. 

1 1 . Claim 3 requires "loading an operating system image into the supplicant system. . .", 
which renders the claims indefinite because it is unclear whether or not the claimed operating 
system is the same operating system claimed in claim 1 . 

12. Claim 4 requires the network port to be authenticated during the operating system 
runtime phase, which directly contradicts claim 1 , which requires the network port to be 
authenticated prior to booting of the operating system. 

Claim Rejections - 35 USC §103 

13. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
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14. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. I, 148 USPQ 459 
(1966), that are applied for establishing a background for determining obviousness under 35 
U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating obviousness 
or nonobviousness. 

15. Claims 1-4, 9-14, 21, 22, 24 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Roese, U.S. Publication 2004/0158735, in view of Buer, U.S. Publication No. 
2004/0250126. Referring to claims 1-4, 10-12, 21, 22, 24, Roese discloses 802.1x network 
authentication wherein an endpoint device is authenticated for network access to a specified port 
utilizing firmware functions (Figure 1 & [0015] & [0030]), which meets the limitation of loading 
port authentication firmware instructions in a supplicant system during a pre-boot phase, 
authenticating a network port hosted by an authenticator system to which the supplicant system 
is linked via execution of the port authentication firmware instructions on the supplicant system, 
wherein the network port is authenticated during the pre-boot phase, booting an operating system 
in the supplicant system, loading an operating system image into the supplicant system over a 
network that is accessed via the network port that is authenticated, the network port is 
authenticated during an operating system (OS) runtime phase, the media comprises a firmware 
storage device. Roese does not specify port authentication using an access/challenge scheme. 
Buer discloses port authentication using an access/challenge scheme that employs a transport 
layer security (TLS) challenge response in which authentication is determined based on 
credentials provided by the supplicant system, the TLS challenge response employs credentials 
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stored in a Trusted Platform Module (TPM), and wherein the method further comprises 
retrieving the credentials from the TPM ([0022]-[0026]), which meets the limitation of passing 
the authentication credentials to the booted operating system, using the passed authentication 
credentials and the booted operating system to perform a port authentication process, the port is 
authenticated using an access/challenge scheme, the access/challenge scheme employs a 
Transport Layer Security (TLS) challenge response in which authentication is determined based 
on credentials provided by the supplicant system, the TLS challenge response employs 
credentials stored in a Trusted Platform Module (TPM), and wherein the method further 
comprises retrieving the credentials from the TPM. It would have been obvious to one of 
ordinary skill in the art at the time the invention was made for the authentication scheme of 
Roese to utilize the TPM and TLS protocol as described by Buer in order to allow direct 
communication with the network while circumventing the TCP/IP stack at the client machine as 
taught by Buer ([0024]-[0025]). 

Referring to claim 9, Roese discloses authentication using EAP over LANs ([0007] & 
[00028]). 

Referring to claim 13, Roese discloses a determination of whether a port is authenticated 
is made by an authentication server that is linked in communication with the authenticator 
system (Figure 1, 103). 

Referring to claim 14, Roese discloses a callable interface via which a port authentication 
process can be invoked ([0025]). 

16. Claims 5-8, 23 are rejected under 35 U.S.C. 103(a) as being unpatentable over Roese, 
U.S. Publication 2004/0158735, in view of Buer, U.S. Publication No. 2004/0250126, and 
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further in view of Cotichini, U.S. Patent No. 6,300,863. Referring to claims 5-8, 23, Roese does 
not disclose that the firmware utilizes hidden execution mode transparent to the operation 
system. Cotichini discloses a CompuTrace agent that is adapted to work under an SMM 
environment that is triggered in response to an SMI event (Col. 30, lines 6-22), which meets the 
limitation of network port authentication is performed by executing the port authentication 
firmware using a hidden execution mode that is transparent to an operating system running on 
the supplicant system during the OS-runtime phase, the hidden execution mode is a system 
management mode (SMM), the firmware instructions are embedded as one or more SMM 
handlers, asserting an SMI on a processor of the supplicant on a periodic basis, dispatching said 
one or more SMM handlers to handle the SMI via operations, determining if a network port 
needs to be authentication, and in response, authenticating the network port. It would have been 
obvious to one of ordinary skill in the art at the time the invention was made to utilize a 
transparent agent similar to CompuTrace to perform authentication functions in Roese in order to 
provide independent transactions at regular intervals as taught by Cotichini (Col. 30, lines 6-9). 
Conclusion 

17. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to BENJAMIN E. LANIER whose telephone number is (571)272- 
3805. The examiner can normally be reached on M-Th 6:00am-4:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Benjamin E Lanier/ 

Primary Examiner, Art Unit 2132 



